The MAILING DATE of this communication appears on the cover sheet with the correspondence address.
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [X] Responsive to communication(s) filed on 19 December 2003. 

2a) [ ] This action is FINAL. 2b) [X] This action is non-final. 

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213. 

Disposition of Claims 

4) [X] Claim(s) 1-49 is/are pending in the application. 

4a) Of the above claim(s) ____ is/are withdrawn from consideration. 

5) [ ] Claim(s) ____ is/are allowed. 

6) [X] Claim(s) 1-49 is/are rejected. 

7) [ ] Claim(s) ____ is/are objected to. 

8) [ ] Claim(s) ____ are subject to restriction and/or election requirement. 

Application Papers 

9) [ ] The specification is objected to by the Examiner. 

10) [X] The drawing(s) filed on 09 December 2003 is/are: a) [X] accepted or b) [ ] objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a) [ ] All b) [ ] Some * c) [ ] None of: 

1. [ ] Certified copies of the priority documents have been received. 

2. [ ] Certified copies of the priority documents have been received in Application No. ____. 

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 

* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) [X] Notice of References Cited (PTO-892) 

2) [ ] Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) [X] Information Disclosure Statement(s) (PTO/SB/08), Paper No(s)/Mail Date 5/0X2004. 

4) [ ] Interview Summary (PTO-413), Paper No(s)/Mail Date ____. 

5) [ ] Notice of Informal Patent Application 

6) [ ] Other: ____. 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 08-06) 



Office Action Summary 



Part of Paper No./Mail Date 20070821 



Application/Control Number: 10/731,371 

Art Unit: 2139 

DETAILED ACTION 

1. Claims 1-49 are pending. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1.56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

2. Claims 1-2, 7-15, 20-27, 32-39, 44-49 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Fisher (20030033535). 

Regarding Claims 1, 13-14, 26, 38 
Fisher teaches a system for single security administration comprising: 

a first server that includes an authentication server; ("Fig. 2 shows a block diagram 
illustrating the architecture 200 of an exemplary common authentication protocol or proxy 
(CAP) server 40 according to one embodiment of the invention" Paragraph [0019]). The 
Examiner interprets the CAP server as the first authentication server. 

a second server that includes an embedded LDAP server; ("The architecture of the 
Cap server includes... an authentication interface which communicates with directory service 
backends including... LDAP" Paragraph [0019]) The Examiner interprets the authentication 
backend as the second server. 

a default security plugin at said first server that receives authentication requests 
from clients and forwards them to said first authentication server; ("A user 30 wishes to 
begin an application 20 on the data processing system... The application 20 will send a request 
for authentication credentials 300 to the CAP server 40 (step 420)" Paragraph [0021]) The 
Examiner interprets the application as the default security plugin that receives authentication 
requests from clients and forwards them to an authentication server. ("Secure Channel from the 
Client... Security is provided by encapsulation at the transport layer so that alternate security 
methods may be used or 'plugged in.'" Paragraph [0123]) 

wherein, in response to receiving a request for authentication from a client, the 
system initiates a session between said first server and said second server, passes 
query information from said LDAP authentication server to said embedded LDAP 
server, receives corresponding user information, ("The CAP server will perform 



authentication by accessing the database of the appropriate authentication backend 110 for the 
given application. " Paragraph [0023]) 

and creates a token that reflects an authentication result that can be used by said 
client. ("If the credentials are authentic, then the CAP server will return an authentication token 
to the application. " Paragraph [0024]) 

Fisher does not explicitly teach that the first authentication server is an LDAP 
Enterprise server, the second server is an Application server or opening an LDAP 
session between the first and second server. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to make the first authentication server an LDAP server. 

One of ordinary skill in the art would be able to use an LDAP server as the first 
server because LDAP servers are common in the art. Fisher already teaches the first 
authentication server communicating with the LDAP authentication backend (second 
server), therefore if the first authentication server is an LDAP server then it is inherent 
the communication between the first server and the LDAP authentication backend 
would be an LDAP session. Enterprise and Application servers are well known in the 
art and one of ordinary skill would have been able to modify Fisher to include them. 

The cited art teaches the method that the system performs. 



Regarding Claims 2, 15, 27, 39 
Fisher teaches the system of claim 1 wherein the system checks a user profile 
database or user profile configuration information to determine where the user security 
information is stored. ("In general, the CAP server ... obtains the user or user group 
information it requires to perform its authentication function from an external user or user group 
database contained in the authentication backend" Paragraph [0023]) 



Regarding Claims 7, 20, 32, 44 

Fisher teaches the system of claim 1 wherein said query information is query 
user information that specifies a particular user or group of users. ("In general, the CAP 
server ... obtains the user or user group information it requires to perform its authentication 
function from an external user or user group database contained in the authentication backend" 
Paragraph [0023]) (LDAP User Filter, LDAP Group Filter, Paragraph [0095-6]) 

Regarding Claims 8, 21, 33, 45 

Fisher teaches the system of claim 1 wherein the system includes a plurality of servers 
("The invention seeks to provide a method and system for user authentication in a data 
processing system wherein users only have to logon once, while being able to access multiple 
applications and servers" Paragraph [0006]) 



Regarding Claims 9, 22, 34, 46 

Fisher teaches the system of claim 8 wherein at least one of said plurality of 
servers include an LDAP authentication server. ("LDAP Server Host" Paragraph [00941]) 

Fisher does not explicitly teach where at least two servers include an LDAP 
authentication server. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to include two LDAP authentication servers. 

The motivation is that Fisher already teaches using multiple servers, including 
one LDAP server. One of ordinary skill in the art would have been able to add another 
LDAP server without altering the functionality of the system. 

Regarding Claims 10, 23, 35, 47 

Fisher teaches the system of claim 1, further comprising a user information 
cache that caches a copy of said user information, ("the authentication token is generally 
stored in cache memory within the data processing system and is passed to each application 
that the user needs to access without the need to request new credentials each time" 
Paragraph [0030]) The Examiner interprets the authentication token as comprising user 
credentials. 

Regarding Claims 11, 24, 36, 48 

Fisher teaches the system of claim 1. The Examiner asserts that any system 
which has multiple servers and is compatible with LDAP (including the system of 
Fisher) is scalable to include multiple LDAP authentication servers and/or multiple 
embedded LDAP servers. 

Regarding Claims 12, 25, 37, 49 

Fisher teaches the system of claim 1 wherein at least one of said servers includes a 
console program for administering the security of the system. ("The CAP server includes 
an administration system that provides a system administrator with the ability to change or 
configure the CAP server's properties. Configuration may be HTML based. The HTML page 
may be generated by a servlet. The administration screens may be accessible from a browser, 
and editor, or an enterprise information portal." Paragraph [0084]) The Examiner asserts that 
an administration system as described inherently requires a computer program. 

3. Claims 3-5, 16-18, 28-30, 40-42 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Fisher in view of TheServerSide.com article "BEA announces Bea 
Tuxedo 8.0 and Bea Weblogic Enterprise 6.0" on June 12, 2001. 



Regarding Claims 3-5, 16-18, 28-30, 40-42 
Fisher teaches the system of claim 1. Fisher does not explicitly teach wherein 
said first server is a WebLogic server, and said second server is a Tuxedo server. 

TheServerSide.com shows an article that teaches the Weblogic and Tuxedo 
servers are well known servers in the art. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to use a Weblogic server as the first server and a Tuxedo server as the 
second server. 

The motivation is that WebLogic and Tuxedo servers are well known in the art, 
and one of ordinary skill would have been able to use these servers in the system of 
Fisher. 

4. Claims 6, 19, 31 and 43 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Fisher in view of Zois.co.uk's Technical note "Using Tuxedo 
Asynchronously with Global Transaction" published 4/23/2001. 

Regarding Claims 6, 19, 31, 43 

Fisher teaches the system of claim 1, but Fisher does not explicitly teach wherein 
said client is a Tuxedo client and said request is a tpinit call. 

Zois.co.uk teaches that Tuxedo clients and tpinit calls are common in the art. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to use Tuxedo clients as a client and tpinit calls for the request. 

The motivation is that Tuxedo clients and tpinit calls for requests were common 
at the time of the invention and one of ordinary skill in the art could use these well 
known items in the system of Fisher with predictable results. 



Conclusion 



5. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Harris C. Wang whose telephone number is 
5712701462. The examiner can normally be reached on M-F 8-5:30, Alternate Fridays 
Off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, AYAZ R. SHEIKH can be reached on (571)272-3795. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 